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BACKGROUND OF THE INVENTION 



1. Technical Field: 

The present invention relates in general to 
telecommunications and, in particular, to voice identification. 
Still more particularly, the present invention relates to 
initiating authentication of the identity of a callee at an 
intermediary device. 

2. Description of the Related Art: 

Telephone service has created communication channels 
worldwide, and those channels continue to expand with the advent 
of cellular and other wireless services. A person can simply 
take a telephone off-hook and dial a destination number or press 
a send button and be connected to a telephone line around the 
world. 

Today, the public switching telephone network (PSTN), 
wireless networks, and private networks telephone services are 
based on the identification of the wireless telephone or wireline 
that a calling party uses. Services are personalized according 
to wireless telephone or wireline telephone number, where 
services associated with one telephone number are not accessible 
for another telephone number assigned to the same subscriber. 
For example, there is typically a first set of service features 
and billing options assigned to a home line number, a second set 
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of service features and billing options assigned to an office 
line number, and a third set of service features and billing 
options assigned to a cellular telephone number. The networks 
process calls to and from each of these different subscriber 
telephones based on a separate telephone number. 

One of the services provided by many networks is caller 
identification. However, caller identification (caller ID) is 
limited to identification the wireline or wireless telephone 
number and the name of the subscriber of a service. Where 
multiple people share a single line, only the name of the person 
who establishes a service is displayed as the caller ID, often 
causing confusion about who is actually calling. 

In addition, caller ID is limited because caller ID only 
flows to the calling party. Further, returning the 
identification of the telephone number that a caller has dialed 
is redundant and many telephones already provide a display of the 
numbers dialed by a caller as the caller is dialing. 

Therefore, in view of the foregoing, it would be 
advantageous to provide a method, system, and program for 
providing a calling party with the identity of the person 
answering a call (e.g. the callee) . In addition, it would be 
advantageous to provide a method, system, and program for 
specifying services available to a callee at any telephony device 
according to the identity of the callee. 

Each service provided from by the PSTN must be extensively 
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tested for faults and requires expensive hardware for 
implementation. Therefore, in view of the foregoing, it would be 
a further advantage to provide a method, system, and program for 
implementing services by devices external to the PSTN. 
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SIJMMARY OF THE INVENTION 

In view of the foregoing, it is therefore an object of the 
5 present invention to provide an improved telecommunications 
system. 

It is another object of the present invention to provide a 
method, system and program for improved voice identification. 

c|o 

[j It is yet another object of the present invention to provide 

ifl a method, system and program for initiating authentication of the 
m identity of a caller at an intermediary device. 

1^5 According to one aspect of the present invention, a caller 

^ places a call to a particular line number. In return, the caller 
m receives an authenticated identity of the callee who answered the 
^■"^ call- 

20 According to another aspect of the present invention, a 

trusted telephone network detects a call receipt connection from 
a destination device. The trusted telephone network then brokers 
a connection between the destination device and an external 
server enabled to perforin a callee identity authentication 

25 service. A secure connection is preferably established between 
the trusted telephone network and the external server. 



An authenticated identity of the callee is returned from the 
callee identity authentication service to the trusted telephone 
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network. The trusted telephone network then transfers the 
authenticated callee identity to a caller and specifies services 
available for a call according to a callee profile for the 
authenticated callee identity. 

The external server preferably prompts a callee for a voice 
utterance. In particular, the prompt may indicate the necessary 
content of the voice utterance. The external server then 
compares the voice utterance with stored voice templates to 
identify and verify an identity of a callee. 

All objects, features, and advantages of the present 
invention will become apparent in the following detailed written 
description. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

The novel features believed characteristic of the invention 
are set forth in the appended claims. The invention itself 
however, as well as a preferred mode of use, further objects and 
advantages thereof, will best be understood by reference to the 
following detailed description of an illustrative embodiment when 
read in conjunction with the accompanying drawings, wherein: 

Figure 1 depicts a block diagram of a network environment in 
which the present invention may be implemented; 

Figure 2 illustrates a block diagram of the flow of a voice 
identifier authenticated by an intermediary device in accordance 
with the method, system, and program of the present invention; 

Figure 3 depicts a block diagram of the flow of a voice 
identifier authenticated by an external system accessible from an 
intermediary device in accordance with the method, system, and 
program of the present invention; 

Figure 4 illustrates a flow diagram of a signal flow and 
processing where an intermediary device authenticates a callee 
identity in accordance with the method, system, and program of 
the present invention; and 

Figure 5 depicts a flow diagram of a signal flow and 
processing where an external system is accessed by an 
intermediary device to authenticate a callee identity in 



AUS920010822US1 -8- 



accordance with the method, system, and program of the present 
invention. 
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DETAILED DESCRIPTION OP THE PREFERRED EMBODIMENT 

A method, system, and program for intermediary device 
initiated callee authentication are provided. By authenticating 
a callee identity at an intermediary device, the callee identity 
may be transferred from the intermediary device to an origin 
device- The caller identity received at the origin device 
identifies the callee, rather than the line to which a call is 
made. An intermediary device may also utilize the authenticated 
callee identity to specify services available for a call, such 
that telephone lines are not limited to the services selected by 
the line subscriber or those services available to the caller . 

One advantage of intermediary device callee identity 
authentication includes performing callee identification within a 
trusted network, wherein minimal security is necessary for 
transferring information within the trusted network. The 
intermediary device may include multiple telephone networks for 
multiple telephone service providers, where the service providers 
agree to a general level of trust for calls and information 
transferred across the telephone network boundaries. 

However, performance of callee identity authentication 
within an intermediary device may be cost prohibitive in some 
cases because of the extensive software testing requirements and 
the cost of implementing hardware within the trusted network. 
Therefore, an intermediary device may initiate callee identity 
authentication by accessing an external system via an external 
network. 
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The external system includes a service that is 
advantageously enabled to authenticate the identity of a callee. 

Communications between the intermediary device and the external 
system may require an additional level of security and 
verification, since the external system is located outside the 
trusted network. Where an authenticated callee identity is 
utilized by an intermediary device to designate services 
available for a call, those services may also be accessible from 
an external system, accessible via an external network. 

While in the present invention, authentication of a callee 
identity is described with emphasis placed on voice 
authentication, other methods of callee identity authentication 
may also be performed. Voice samples utilized for voice 
authentication are just one of multiple types of biometric 
sampling. For example, a callee may locally provide an eye scan, 
a fingerprint, and other biophysical identifiers that are 
transmitted within or outside the trusted network to authenticate 
the identity of the callee. Alternatively, keypad entries, such 
as a pin code, credit card account number, password, or other 
secure transaction key may be entered by a callee and utilized to 
authenticate the identity of the callee. 

In addition, while in the present invention, authentication 
of a callee identity is described with emphasis upon performing 
authentication at the beginning of a call, authentication of a 
callee identity may be performed continuously throughout a call, 
at selected points throughout a call, and after a call. Selected 
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points where authentication may be performed include when an 
additional phone pick-up is detected^ when a new voice is 
detected at the destination device, when a call is transferred 
from one telephone device to another, and other routing of a call 
5 that may result in a new callee or in a call being recorded. 

Further, while the present invention is described with 
emphasis upon a callee identity authentication being made for a 
1^^^ call to continue, a call may also continue without callee 
^;I.O identity authentication. However, where a callee is not 
ll identifiable, it may be advantageous to automatically log that 
the callee lacks proper identification and automatically record 
calls that lack proper callee identification. 

ly 

|4L5 According to another advantage of the present invention, the 

I'f , identity of the device utilized by a callee may also be 
m identified. First, the identity of the device may include the 
^'^ number dialed to reach the callee. In particular, where a caller 
requests to call a particular person and the trusted network 
20 determines and dials the number at which the particular person 
may be reached, it may be advantageous to notify the caller of 
the number dialed to reach the device accessible to the callee. 
The intermediary network may first extend calls to multiple 
devices, where each device is accessible to the particular 
25 person, to locate the particular person and then connect the 
caller to the requested callee at one of the multiple devices. 



In addition, the identity of the device may indicate the 
person to whom a device belongs, the type of device, or the line 
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number utilized to access a device. For example, a caller may 
dial a number to reach the callee, where the device reached via 
the dialed number is a company wireline or wireless telephone. 

Further, other information about the routing of the call to 
the particular device may be indicated. For example, if the call 
was forwarded to another number, that forwarded number and the 
identity of the device answered at that forwarded number may be 
provided to the caller. Where a call is forwarded within a call 
center from representative to representative, the identities of 
each callee representative and the line number or extension of 
each callee representative are recorded and forwarded with an 
RVID. 

For purposes of the present invention, telephony devices are 
termed origin devices when utilized for origination of a call to 
an intermediary device and are termed destination devices when 
utilized for receipt of a call from an intermediary device. 
Subscribers to a call are termed callers when originating a call 
and are termed callees when receiving a call. Callers and 
callees may or may not be line subscribers to the particular 
telephony device utilized. 

In the following description, for the purposes of 
explanation, numerous specific details are set forth to provide a 
thorough understanding of the present invention. It will be 
apparent, however, to one skilled in the art that the present 
invention may be practiced without these specific details. In 
other instances, well-known structures and devices are shown in 
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block diagram form to avoid unnecessarily obscuring the present 
invention. 

With reference now to the figures, and, in particular, with 
5 reference now to Figure 1, there is depicted a block diagram of a 
network environment in which the present invention may be 
implemented. While the present invention is described with 
reference to one type of network environment, it will be 
understood by one with skill in the art that the present 
llO invention may be implemented in alternate types of network 
st environments . 



Switching Telephone Network (PSTN) 10. As is known in the art 
the core of PSTN 10 may include multiple telephone networks, each 
owned by one of multiple independent service providers. Each 
telephone line is carried by an independent service provider 



20 within PSTN 10 and is typically assigned to at least one 
subscriber. 

Switching of a call within an independent service provider's 
telephone network is considered trusted movement within a trusted 
25 network because the call remains within the company's telephone 
network infrastructure- However, calls may be transferred from 
one service provider' s telephone network to another service 
provider's telephone network in generally trusted movement. 
Generally, service providers are in competition with one another 



GENERAL NETWORK ENVIRONMENT 




First, the network environment incorporates a Public 
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and therefore there is general trust in transferring a call, but 
not trust in sharing of subscriber information beyond a 
subscriber number and name from one service provider to the next 
without security features or other arrangements. 

Advantageously, each telephone network within PSTN 10 may 
access a data network functioning as an extension to PSTN 10 via 
an Intranet. Data networks may include, for example, subscriber 
profiles, billing information, and preferences that are utilized 
by a service provider to specialize services. Transfer of 
information between a service provider' s data network and 
telephone network is trusted movement in sharing of information. 

Further, each telephone network within PSTN 10 may access 
server systems external to PSTN 10 in the Internet Protocol over 
the Internet or an Intranet. Such external server systems may 
include an enterprise server, an Internet service provider (ISP), 
an access service provider (ASP) , a personal computer, and other 
computing systems that are accessible via a network. In the 
present embodiment, transfer of information between PSTN 10 and 
server systems accessible via a network 20 is untrusted and 
therefore may require verification and additional security. 
Network 20 may be preferably considered an external network. 

In the present invention, network 20 may comprise a private 
network, an Intranet, or a public Internet Protocol network. 
Specifically, telco application server 22, generic application 
server 24, pervasive application server 26, and systems 
management server 28 represent server systems external to PSTN 10 
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that may be accessed by PSTN 10 over network 20. 

In particular, telco application server 22 preferably 
includes multiple telco specific service applications for 
5 providing services to calls transferred to a server external to 
PSTN 10. In particular, a call may be transferred from PSTN 10 
to telco application server 22 to receive at least one service 
and then the call is transferred back to PSTN 10. PSTN 10 
|A preferably brokers the connection between the telephony device 
J^O and telco application server 22. Such services may also be 
I* provided to calls within PSTN 10, however placing such services 
}-[ at a third party such as telco application server 22, is 
?9 advantageous because adding services and information to PSTN 10 

K S i 

I" is time consuming and costly when compared with the time and cost 
ijs of adding the services through telco application server 22. 

S TO? 

In accord with an advantage of the present invention, as 
|i will be further described, the identity of both the caller and 
the callee may be authenticated by one of telephony devices 8a- 
20 8n, PSTN 10, or by telco application server 22. By 

authenticating the actual identity of the person making a phone 
call and the person receiving the phone call, rather than the 
identification of a device from which a call is made and 
received, an enhanced specialization of services to subscribers 
25 may be performed. 

An authentication service within telco application server 22 
may include identification and verification of the identity of a 
caller and/or callee of a particular call. Such a service may 
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require that subscribers provide voice samples when setting up a 
subscription. The stored voice samples may then be compared 
against voice samples received for a particular call in order to 
authenticate the identity of a current caller or callee of the 
5 particular call. 

Generic application server 24 preferably accesses 
independent server systems that provide services. For example, a 
n.^ messaging server, a financial server, an Internal Revenue Service 
Ho (IRS) server, and database management system (DBMS) server may be 

accessed in HTTP via network 20. Each of these servers may 
Ijjj include a telco service application that requires authentication 
IQ of the subscriber before access is granted. For example, a 

financial server may provide a telco service application that 
|;:|I5 allows an authenticated subscriber to access current financial 
;-f records and request stock quotes from the financial server. 

IJf Pervasive application server 26 manages services for 

wirelessly networked devices. In particular, pervasive 
20 application server 26 preferably handles distribution of wireless 
packets of voice and data to wirelessly networked devices 
utilizing a standard such as short messaging service (SMS) 
messaging or other 3G standards. 

25 Systems management server 28 manages subscriber 

personalization via the web. In particular, systems management 
server 28 includes browser technology that includes a 
provisioning console 30 for establishing a subscriber profile and 
a management console 32 for managing and updating the subscriber 
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profile. A subscriber preferably accesses the consoles of 
systems management server 28 via the Internet utilizing a 
computing system, such as computing systems 34a-34n. 

The subscriber profile may be accessed at systems management 
server 28 by other external servers and PSTN 10 via network 20. 
In addition, a local copy of a subscriber profile updated in 
systems management server 28 may be stored within a particular 
service provider's data network or telephone network. Each 
service provider may specify the types of preferences and other 
information included within a subscriber profile. 

In particular, a subscriber may provide a voice imprint when 
establishing a subscriber profile through provisioning console 
30. Other types of authentication information may also be 
provided including, but not limited to, a password, an eye scan, 
a smart card ID, and other security devices. In addition, a 
subscriber may designate billing preferences, shopping 
preferences, buddy list preferences, and other preferences that 
enable specialized service to the subscriber when the 
subscriber's identity is authenticated from the voice imprint or 
other identification. 

Advantageously, a management agent is built into each 
external server to monitor the services provided by each server 
according to the authenticated subscriber receiving the services. 

By monitoring service output according to subscriber, the 
subscriber may then be billed according to each use of a service. 
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PSTN 10 preferably includes both voice and data signaling 
networks that interface with network 20 via gateways. Each of 
the gateways acts as a switch between PSTN 10 and network 20 that 
may compress a signal, convert the signal into Internet Protocol 
(other protocol) packets, and route the packets through network 
20 to the appropriate server. 

In particular, the voice network interfaces with network 20 
through media gateway 14 which supports multiple protocol 
gateways including, but not limited to, SIP. SIP is a signaling 
protocol for Internet conferencing, telephony, presence, events 
notification and instant messaging. 

In addition, in particular, the data signaling network 
interfaces with network 20 through signaling gateway 12 which 
supports multiple protocol gateways including, but not limited 
to, parlay protocol gateways and SS7 protocol gateways. Internet 
servers, such as telco application server 22 may include protocol 
agents that are enabled to interact with multiple protocols 
encapsulated in Internet Protocol packets including, but not 
limited to, SS7 protocol, parlay protocol, and SIP. 

IDENTITY AUTHENTICATION AND CALL CONTROL 

Looking into PSTN 10, a telephone network typically includes 
multiple switches, such as central office switches lla-lln, that 
originate, terminate, or tandem calls. Central office switches 
lla-lln utilize voice trunks for transferring voice 
communications and signaling links for transferring signals 
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between signaling points. 

Between signaling points, one central office switch sends 
signaling messages to other central office switches via signaling 
5 links to setup, manage, and release voice circuits required to 
complete a call. In addition, between signaling points, central 
office switches lla-lln query service control points (SCPs) 15 to 
determine how to route a call. SCPs 15 send a response to the 
1^ originating central office switch containing the routing 
?io number (s) associated with the dialed number. 

J!^ SCPs 15 may be general purpose computers storing databases 

$ -la? 

10 of call processing information. While in the present embodiment 
SCPs 15 are depicted locally within PSTN 10, in alternate 

iii 

l'?L5 embodiments SCPs 15 may be part of an extended network accessible 

|i to PSTN 10 via a network. 

lU 

Ls; One of the functions performed by SCPs 15 is processing 

calls to and from various subscribers. For example, an SCP may 

20 store a record of the services purchased by a subscriber, such as 
a privacy service. When a call is made to the subscriber, the 
SCP provides record of the privacy service to initiate an 
announcement to a caller to identify themself to the subscriber 
with the privacy service who is being called. According to an 

25 advantage of the invention, authentication of the identity of the 
subscriber receiving the call may be required before the privacy 
service is initiated for that subscriber. 



In particular, network traffic between signaling points may 
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be routed via a packet switch called an service transfer point 
(STP) 13. STP 13 routes each incoming message to an outgoing 
signaling link based on routing information. Further, in 
particular, the signaling network may utilize an SS7 network 
implementing SS7 protocol. 

Central office switches lla-lln may also send voice and 
signaling messages to intelligent peripherals (IP) 17 via voice 
trunks and signaling channels. IP 17 provides enhanced 
announcements, enhanced digit collection, and enhanced speech 
recognition capabilities. 

According to an advantage of the present invention, the 
identity of a caller is authenticated according to voice 
authentication. Voice authentication is preferably performed by 
first identifying a subscriber by matching the name or other 
identifier spoken with a subscriber name or identifier. Next, 
voice authentication requires verifying that the voice audio 
signal matches that of the identified subscriber. However, in 
alternate embodiments, the identity of a subscriber may be 
authenticated according to passwords, eye scans, encryption, and 
other security devices. 

In particular, to perform subscriber authentication of audio 
signals received from callers, IP 17 may include storage for 
subscriber specific templates or voice feature information, for 
use in authenticating subscribers based on speech. If a 
subscriber specific template is not stored on a local IP 17, then 
a remote IP containing the subscriber specific template may be 
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accessed via a network- In addition, local IP 17 may access 
systems management server 28 or another repository for voice 
imprints to access the subscriber specific template. 

Where IP 17 authenticates the identity of a caller (e.g. the 
subscriber placing a call), a voice identifier (VID) representing 
the authenticated caller identity is transferred as a signal for 
identifying the caller. In addition, where IP 17 authenticates 
the identity of a callee (e.g. the subscriber receiving a call), 
a reverse VID (RVID) including the callee identity is transferred 
as a signal for identifying the callee. 

Alternatively, to perform subscriber authentication of audio 
signals received from callers, PSTN 10 may broker a callee 
identity authentication service from telco application server 22. 
In particular, a signaling channel is opened between central 
office switches lla-lln and telco application server 22 via 
signaling gateway 12. In addition, a voice channel is opened 
between central office switches lla-lln and telco application 
server 22 via media gateway 14. 

Because telco application server 22 is located outside of 
the trusted network, there may be a time delay associated with 
establishing a connection to telco application server 22 and 
authenticating the identity of a callee that is longer than a 
time delay present where a callee identity is authenticated by IP 
17, However, the cost difference of performing callee 
identification outside PSTN 10 versus within PSTN 10 will 
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advantageously make any time delay seem insignificant. A 
subscriber who prefers PSTN 10 callee authentication, may be 
required to pay an additional fee for the speedier service. 

5 In addition, because telco application server 22 is located 

outside of the trusted network, it is advantageous to establish a 
level of security for transactions between telco application 
server 22 and central office switches lla-lln, wherein the level 
|4. of security is suitable for untrusted communications. A level of 
^Jo security may be implemented by by utilizing security based 

I;; J 

Id. protocols, such as the secure socket layer, and by applying 
f.; ordinary encryption. In particular, the level of security 
15 preferably protects the communication channel between telco 

application server and PSTN 10 and authenticates the identity of 
I'^i-S the server from which a callee identity authentication service is 

ii'ii ii 

5J accessed. Therefore an additional feature of signaling gateway 
fy 12 and media gateway 14 is security verification. 

Advantageously, RVIDs indicate through text, voice, or video 
20 the identity of a callee. For example, a callee' s name may be 
transferred as the identity of a callee. Alternatively, a video 
clip stored with the subscriber template may be transferred as 
the identity of a callee. Additionally, RVIDs may indicate the 
identity of the device utilized by a callee to provide context 
25 for a call. Further, VIDs may indicate which system or systems 
have authenticated the callee identity. 

After a VID and/or RVID are determined by IP 17, IP 17 and 
SCP 15 may communicate to designate which services are available 
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according to VID and RVID. Advantageously, by designating 
services according to a VID and/or RVID, subscribers are provided 
with services and billed for those services independent of the 
devices utilized by subscribers. In particular, a 1129 protocol 
or other protocol may be utilized to enable signal communications 
between IP 17 and SCPs 15. 

In addition, as previously described, caller and callee 
authentication to determine VIDs and RVIDs may be performed by an 
external system, such as telco application server 22. The VID or 
RVID returned from telco application server 22 may be transferred 
from central office switches lla-lln to SCP 15 in order to access 
a subscriber profile associated with the VID or RVID. 
Alternatively, the VID or RVID may first transfer to IP 17, where 
additional verification of the caller identity is performed. For 
example, IP 17 may control distribution of the RVID to the 
callee, where the callee is prompted to enter a password or 
additional information, IP 17 may then initiate loading the 
callee profile into central office switches lla-lln if the 
additional callee input is verifiable for the RVID. 

An origin telephony device or destination telephony device 
may also determine a VID and/or RVID for the caller and/or callee 
of a call. In particular, telephony devices 8a-8n and call 
centers 16a-16n may function as origin and destination telephony 
devices. Each of the telephony devices may include a database of 
voice templates that may be matched to authenticate the identity 
of a caller or callee. In addition, each of the telephony 
devices may access a third party, such as telco application 
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server 22^ to authenticate the identity of the caller or callee. 

In either case, the telephony device transmits a VID and/or RVID 
with a call to PSTN 10, 

5 Telephony devices 8a-8n may include, but are not limited to 

wireline devices, wireless devices, pervasive device equipped 
with telephony features, a network computer, a facsimile, a 
modem, and other devices enabled for network communication. 
Advantageously, as previously described, a voice authentication 
functioning device may be included in each of telephony devices 

1:3,1 

U 8a-8n. 

1 y 

In addition, telephony devices 8a-8n may each incorporate a 
, display that provides a visual output of a VID or RVID. 
^j;15 Alternatively, such a display may be provided in a separate 
|4; device connected to the line in parallel to telephones 8a-8n. 

According to one advantage of the present invention, the identity 
|a of the actual caller or actual callee are output to a display in 

association with a call. In addition, other context information 
20 about the caller including, but not limited to, the device from 

which the call originates or is answered, ratings for a caller or 

callee, and other context information may be output to a display 

in association with a call. 

25 Telephony devices 8a-8n are communicatively connected to 

PSTN 10 via wireline, wireless, ISDN, and other communication 
links. Preferably, connections to telephony devices 8a-8n 
provide digital transport for two-way voice grade type telephone 
communications and a channel transporting signaling data messages 
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in both directions between telephony devices 8a-8n and PSTN 10. 

In addition to telephony devices 8a-8n, advanced telephone 
systems, such as call centers 16a-16n, may be communicatively 
5 connected to PSTN 10 via wireline, wireless, ISDN and other 
communication links. Call centers 16a-16n may include PBX 
systems, hold queue systems, private network systems, and other 
systems that are implemented to handle distribution of calls to 
|4: multiple representatives or agents. 

r'^' Returning to central office switches lla-lln, typically, one 

|y central office switch exists for each exchange or area served by 
Jjf the NXX digits of an NXX-XXXX (seven digit) telephone number or 
the three digits following the area code digits (NPA) in a ten- 
iflS digit telephone number. The service provider owning a central 
|:^. office switch also assigns a telephone number to each line 
j:;^ connected to each of central office switches lla-lln. The 
assigned telephone number includes the area code (NPA) and 
exchange code (NXX) for the serving central office and four 
20 unique digits (XXXX) . 

Central office switches lla-lln utilize office equipment 
(OE) numbers to identify specific equipment, such as physical 
links or circuit connections. For example, a subscriber's line 
25 might terminate on a pair of terminals on the main distribution 
frame of one of central office switches lla-lln. The switch 
identifies the terminals, and therefore a particular line, by an 
OE number assigned to that terminal pair. For a variety of 
reasons, a service provider may assign different telephone 
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numbers to the one line at the same or different times. For 
example, a local carrier may change the telephone number because 
a subscriber sells a house and a new subscriber moves in and 
receives a new number. However, the OE number for the terminals 
5 and thus the line itself remains the same. 

On a normal call, a central office switch will detect an 
off-hook condition on a line and provide a dial tone. The switch 
identifies the line by the OE number. The central office switch 
ilO retrieves profile information corresponding to the OE number and 
off-hook line. Then, the central office switch receives the 
dialed digits from the off-hook line terminal and routes the 
call. The central office switch may route the call over trunks 
fy and possibly through one or more central office switches to the 
lj.5 central office switch that serves the called party's station or 
t'W line. The switch terminating a call to a destination will also 
utilize profile information relating to the destination, for 
example to forward the call if appropriate, to apply distinctive 
ringing, etc. 



1^ 



20 



In the present invention, when a central office switch 
detects an off-hook condition on a line, the central office 
switch will then determine if a VID signal is transferred from 
the off-hook telephony device. If a VID is transferred, then a 
25 query is made to SCP 15 according to the VID for any services 
specified for the authenticated subscriber. Alternatively, a 
query may be transferred via network 20 to an external server, 
such as system management server 28, to determine the services 
specified for the caller. The central office switch will then 
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receive the dialed digits from the off-hook line terminal and 
route the call, providing services according to those preferred 
by the authenticated subscriber. 

In addition, an RVID may be provided in the present 
invention to authenticate the identity of a callee receiving the 
call. When a call is answered, the call is transferred back to 
IP 17 or telco application server 22 to authenticate the identity 
of the callee answering the call and load a profile for the 
callee. 

Further, a call may be forwarded or transferred to another 
line number. Preferably, for each callee identified, the line 
number and RVID are determined and stored for the call, such that 
a caller is able to view the path of a call. In particular, the 
path preferably designates both the callees accessed and the line 
numbers accessed. 

As another alternative to dialed digits from the off-hook 
line terminal, a caller may utilize a voice calling function of a 
telephony device for indicating how the call should be routed. 
For example, a caller may say the name of a preferred callee. 
The device or IP 17 may determine a person within the caller's 
calling list that matches the voiced name. The matching person's 
digits are then utilized to route the call. 

RVID AUTHENTICATION CONTEXT 
Referring now to Figure 2, there is illustrated a block 



AUS920010822US1 



-28- 



diagraiti of the flow of a voice identifier authenticated by an 
intermediary device in accordance with the method, system, and 
program of the present invention. 

As depicted, an intermediary device 42 authenticates a RVID 
for a current callee. Intermediary device 42 may include a PSTN 
switching network or networks. However, intermediary device 42 
may also include a PBX, a call center, or other private switching 
system. Further, intermediary device 42 may include network 
servers, telco application servers. Websphere? (Websphere? is a 
registered trademark of International Business Machines, Inc.) 
servers, and other systems which provide call processing. 

An origin device 40 is utilized by a caller to initiate a 
call. The caller preferably indicates a line number request. 
Intermediary device 42 connects origin device 40 with a 
destination device 44 associated with the line number request. 
In particular, destination device 44 may include a callee 
telephony device, as previously described. However, destination 
device 44 may also include a PBX, call center, or other private 
switching system that manages multiple telephony devices. 
Moreover, destination device 44 may include network servers, 
feature servers, client side devices, and other systems which 
provide call receipt. 

In addition or as an alternative to indicating a line number 
request, the caller may indicate a preferred callee or callees. 
Identifiers for the preferred callee or callees may be 
transferred with a call request for output at destination device 
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44. In addition, intermediary device 42 may utilize the 
preferred callee identifier to automatically locate the device at 
which the preferred callee is available. 

Upon detecting an answer to the call request from 
destination device 44, intermediary device 42 initiates 
authentication of the identity of the person or system that 
answers the call. A callee may provide a voice utterance which 
is transferred from destination device 44 to intermediary device 
42 for purposes of callee identity authentication. Intermediary 
device 42 may include at least one IP with access to an extended 
database of voice samples, combined into a service 
identification/verification (SIV) function 45. SIV function 45 
compares the voice utterance with the voice samples to 
authenticate the identity of a callee as a RVID. Then, 
intermediary device 42 may access a callee profile and other 
contextual information about a callee according to the RVID. In 
addition, the IP utilized to perform callee identity 
authentication may continue to monitor the callee voice 
continuously during the call and at selected points throughout 
the call. In particular, if another telephone device on the same 
line is detected off -hook, callee identity authentication may be 
triggered. 

The authenticated RVID may be filtered and distributed to 
multiple locations. In particular, the RVID may be recorded for 
the call. Then, the RVID is preferably filtered according to 
caller preferences, callee preferences, and intermediary device 
preferences. In particular, a callee profile may include a 
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request to block an RVID from transfer to a caller. 
Alternatively, a callee profile may include different titles, 
names, and other identifiers that are filterable according to the 
caller VXD. For example, if the caller is a business associate, 
then the RVID may be filtered to include the callee' s full name 
and position. However, if the caller is a friend, then the RVID 
may be filtered to include the callee' s nickname. Filtering and 
blocking may be performed by a filtering service within trusted 
telephone network 46 and/or outside trusted telephone network 46. 
A callee may also block the RVID from being distributed to 
online vendors and others with access to VIDs and RVIDs of 
current calls. 

When not blocked by the callee, the authenticated RVID is 
preferably transferred from intermediary device 42 to origin 
device 40 to indicate the identity of the party answering a call. 

Origin device 40 advantageously includes a display device or 
other output interface for output of the authenticated RVID to 
the caller, such that the identity of the callee of an incoming 
call is provided to the caller. The caller may be provided with 
an option to start communications with the callee, to transfer 
the call to another location, or to terminate the call. 

In the present invention, a RVID preferably authenticates 
the identity of a callee. However, it is advantageous that the 
RVID also include other information that provides a context for a 
call. Therefore, intermediary device 42 preferably captures and 
stores the line number utilized to access the callee. As a call 
is forwarded or transferred, the line number utilized to access 



AUS920010822US1 



-31- 



the current callee is preferably updated. 

For example, where a caller dials a line number and that 
line number is accessed to reach the callee, displaying the line 
number to the caller as party of the RVID informs the caller that 
the callee was available at the number dialed. In another 
example, where a call is forwarded from one line number to 
another, it would be advantageous to indicate in the RVID that 
the call was forwarded and provide the forwarded to line number, 
unless blocked by the callee or subscriber of the forwarded to 
line number. Further, a call received at a call center may be 
forwarded to a representative at a particular extension. 
Advantageously, at each stage that a call is transferred within 
the call center, the line number or extension niomber that a call 
is connected with is determined and included in an updated RVID 
to the caller. Further, where the caller only enters an 
identifier for a preferred callee and the intermediary device 
locates the callee, it would be advantageous to include the line 
number to enhance the callee identity. Therefore, in general, 
for each switch of a call to a new line number, the caller is 
preferably informed of the line number to provide additional 
context to the identity of a callee. 

Other examples of context information include, but are not 
limited to, the GPS location or time zone of the callee location, 
the device at which the call is received, the subject matter that 
a callee is willing to participate in, and whether the callee is 
calling on behalf of another, may be included in a RVID. 
Further, the identity of the device or system that performed the 
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callee authentication may be included in a RVID. 

A RVID may be transferred in multiple protocols, including, 
but not limited to. Interface Definition Language (IDL) . A RVID 
may include a range of information, where each type of 
information may be tagged or identified in some other manner. 
For example, the following tagged RVID may be transmitted to 
represent an authenticated identity of a callee: 

[name] Jon Smith 
[line] 222-101-0000 

[device] Jane Couch's business phone 
[location] Central Time zone 
[subject] Project A 

[authenticated by] External authentication service #40 

The tagged RVID may be updated during a call if the call is 
transferred to another line with a new callee: 

[name] Tad Frizzell 

[forwarded to line] 424-101-0005 

[device forwarded to] Tad Frizzell' s business phone 
[location] Eastern Time Zone 
[subject] Project A 
[previous line] 222-101-0000 

With reference now to Figure 3, there is depicted a bloclc 
diagram of the flow of a voice identifier authenticated by an 
external device accessible from an intermediary device in 
accordance with the method, system, and program of the present 
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invention. 

As illustrated, intermediary device 42 may access an 
external system with a request for callee identity 
authentication. In the present embodiment, intermediary device 
42 connects to external network 20 via signal and media gateways. 

In particular, by accessing services via external network 20, 
intermediary device 42 reaches outside of trusted network 
boundary 46. Therefore, additional levels of security, such as 
transfer of information utilizing a secure socket layer (SSL) and 
authenticating the location of a server performing the services, 
may be required. 

Telco application server 22 provides an external system 
enabled to authenticate a callee identity. Telco application 
server 22 may include an application that functions to identify a 
voice utterance and verify the voice utterance by comparison with 
a voice sample. Telco application server 22 may access external 
databases of voice samples. In addition, telco application 
server 22 may access voice samples via a general applications 
server, a systems management server, or telephony devices 
accessible via network 20. 

Telco applications server authenticates a callee identity as 
a RVID that is transferred into trusted network boundary 46 to 
reach intermediary device 42. Intermediary device 42 may then 
transfer the RVID to origin device 40. In addition, intermediary 
device 42 may utilize the RVID to access a callee profile within 
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the trusted network or from an external system. In particular, a 
complete callee profile may be combined from accessing callee 
profile components from systems within the trusted network and 
external to the trusted network. 

Another function of telco application server 22 is providing 
voice samples from a database to intermediary device 42. 
Intermediary device 42 may then perform callee identity 
authentication utilizing the voice samples received from telco 
application server 22. Telco application server 22 may access 
voice samples from multiple data storage systems accessible via 
network 20. 

By accessing a RVID or voice samples from telco application 
server 22, the functionality of intermediary device 42 is 
expanded without requiring the addition of costly hardware to 
intermediary device 42. Extending outside trusted network 
boundary 46 to transfer a call or access information may require 
additional layers of security and verification, however moving 
services outside trusted network boundary 46 will allow an 
increase in services, reduce the cost of services, and allow 
greater competition to provide services. 

Further, telco application server 22 may continue to monitor 
a call while in progress. A periodic sampling may be taken of 
the callee voice. In addition, triggers, such as detecting 
another phone off-hook, may initiate sampling current callee 
voices . 
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Ref erring now to Figure 4, there is illustrated a flow 
diagram of a signal flow and processing where an intermediary 
device authenticates a caller identity in accordance with the 
method, system, and program of the present invention. A standard 
telephone device is assumed for the Atel@ origin device in the 
present example. However, a similar signal flow may be applied 
to other types of origin devices. 

The caller lifts a handset creating an off-hook state in the 
origin device and a corresponding change in state of an off -hook 
signal to the central office (step SI) . In response to detecting 
an off-hook signal at the central office, a dial tone may be 
extended to the origin device (step S2) . Alternatively the dial- 
tone may be extended to the origin device after a line subscriber 
profile has been loaded. In addition, when an off -hook signal is 
detected at the central office, a register is preferably assigned 
to the call. 

Next, dialed digits may be received from the origin device 
(step S3) . The caller may utilize multiple available formats for 
indicating a wireless or wireline telephone number including, but 
not limited to, voice dialing, keypad entry, or stylus 
selections. Further, a caller may select an RVID for a preferred 
callee, wherein the central office will initiate a service to 
search for the callee at devices accessible to the callee. In 
particular, the service may be located within an IP that is 
enabled to track the line numbers utilized by a particular RVID 
and query each line number for the callee. 
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In general, the central office utilizes the dialed digits to 
route the call to the central office servicing the telephone 
number and extend the call to that telephone number line (step 
S4) • In response to detecting an off -hook state at a destination 
5 device connected to the telephone number line, a pickup signal is 
returned to the central office (step S5) . 

In response to detecting a pickup at a destination point, 
the central office triggers a SIV initiation to an IP within the 
'&) PSTN network (step S6) . The call is preferably transferred to 
'}"f the IP such that a voice channel and signal channel are opened 
in between the destination device and the IP. The IP preferably 
V- responds to a SIV initiation with a prompting instruction to the 

PsI 

fU callee to provide specific identifying information (step S7) . It 
hs should be mentioned that although the IP could passively monitor 
fU any speech that the callee may utter, it is advantageous to 

specifically prompt the callee. For example, the IP may play an 
13 audio prompt message asking the callee to APlease say your full 

name.@ In addition, the prompt may request other identifying 
20 information such as a service provider and subject of the call, 
for example. Further, the central office may trigger a SIV 
initiation to an IP at other times during a call. The spoken 
identification information at the destination device is 
transferred through the central office to the IP (step S8) . 

25 

Analysis is performed on the spoken identification 
information to determine a name of a callee and extract speech 
characteristics information (step S9) . A voice template or other 
voice pattern information may be stored at a data storage system 
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within an extended network accessible within the trusted network 
boundary according to a callee identity. In addition, as will be 
described in Figure 5, a voice template or other voice pattern 
information may be stored at an external data storage system 
accessible outside the trusted network boundary according to a 
callee identity. 

Preferably, the SIV function of an IP compares the extracted 
speech information to the stored pattern information, to identify 
and authenticate the particular callee. If there is a match 
between the extracted speech information and the stored pattern 
information, then a RVID signal containing the authenticated 
identity of the callee is transferred to the central office for 
storage in the register assigned to the call (step SIO) - In 
addition, the call is returned with the RVID to the central 
office and the RVID is recorded in the SCP. 

In addition to authenticating the identity of the callee 
receiving a call, the identity of the device utilized to receive 
the call and each line number accessed during a call may be 
included in a RVID. Each destination device may include an 
identification number that is stored in the register assigned to 
a call and attached to the RVID of a call by the central office. 

Alternatively, where a single OE line includes multiple outlets, 
the device at each outlet may be identified according to the 
location of the outlet. Further, where multiple devices are 
utilized to answer a call, the identity of each device may be 
detected and provided in an RVID. Moreover, the context of a 
call, including a device identity, may be inferred from the 
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device location, device owner and other context. 

Once a RVID is received at the central office for a call, 
the central office triggers a request to an SCP for a callee 
5 profile according to the RVID (step Sll) . The SCP searches for a 
callee profile in a local data storage system or a remote data 
storage system within the extended trusted network. 
Alternatively, the SCP may access the callee profile according to 
^ . RVID from a data storage system accessible outside the trusted 
310 network boundary. Further, in lieu of, or in addition to the 
r'"' information stored at the SCP, a request may be extended from the 
v'^ PSTN to other servers storing information about a callee 
'i according to profile, depending on the services to be provided to 
|y a callee. The SCP returns a callee profile that indicates 
'l5 additional personal information about a callee, billing 
^'-J information, and services selected by a callee (step S12) . The 
;1 central office loads the profile into the register associated to 
P the call (step S13) . 

20 Next, the RVID is filtered (step 814). The RVID may be 

filtered to block the RVID from transfer to the caller, to 
specify the content of the RVID for transfer to the caller, and 
to specify the content of the RVID for access by a data mining 
service or online retailers. Then, the RVID is transferred via 

25 the signal channel to the origin device (step S15) . The origin 

device preferably controls output of the RVID via, for example, a 
graphical user interface or a speaker, such that a caller is able 
to decide whether to a speak with an identified callee. 
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The importance of forwarding the callee RVID to the origin 
device is that the caller receives an identification of the 
person who has answered a call. Output of a callee RVID, 
including a callee name, device identification, geographic 
context, and other information, is more advantageous than a 
typical caller ID service that indicates the line number and 
person billed for the line number because with the RVID, the 
actual callee is identified, but the actual line number may be 
blocked from the caller. 

Not identifying a line number of a destination device is 
particularly advantageous where a destination device includes a 
call center for managing multiple telephony devices, where each 
telephony device is assigned a wireline number. A caller may 
dial a number that accesses the call center, where the call 
center transfers the call to a telephony device answered by a 
representative. Rather than disclosing the line number of the 
telephony device utilized by the first representative, an 
identifier for the representative may be transferred to the 
caller. In particular, where a caller dials a first number and 
then asks to be transferred to another line managed by a call 
center or private switching system, it may be advantageous for 
company to protect the line numbers utilized within the company 
but also to provide a customer with an identification of the 
employee answering a call. 

Alternatively, line numbers accessed during a call may be 
included in a filtered RVID to the caller, such that the caller 
is enabled to trace the path of a call. Where a call is 
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forwarded to another line number, the subscriber to that line 
number may select to block the line number or allow it to be 
published in an RVID accessible to the caller. Businesses may 
also find that it is advantageous to allow a caller to view the 
extension of representatives, in addition to the identity of a 
representative, such that the extension of a representative is 
captured to enter during future calls* 

The call is then processed according to the callee profile 
(step S16) . In particular, the identity of the current callee 
may continue to be authenticated. Further, other context to a 
call may be updated in a tagged RVID that is recorded and may be 
transferred to the caller. 

If there is not a match of the extracted speech information 
with the voice templates, then a determination is made as to 
whether a callee has made more than n tries to speak 
identification information that has not matched (step S17) . If 
the callee has not made more than n tries, then a prompt is 
output to the callee to provide another spoken utterance. If the 
callee has made more than n tries, then a denial signal is 
transferred to the central office (step S18) . In addition, 
instructions for creating a voice template may be provided. 
Further, the line subscriber profile associated with the line 
number of the destination device may be accessed to determine 
services available to the destination device. In addition, the 
central office may automatically initiate recording of the call 
where a callee identity is not authenticated- 
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It should be noted that with each transfer of an RVID, the 
central office, the SCP, and the origin device may each record 
and filter the RVID. In particular, filtering the RVID may 
require blocking all or portions of the content of the RVID. 

With reference now to Figure 5, there is depicted a flow 
diagram of a signal flow and processing where an external system 
is accessed by an intermediary device to authenticate a callee 
identity in accordance with the method, system, and program of 
the present invention. 

In response to receiving on off-hook state at the central 
office, a register is created for a call. A request for a callee 
authentication service is initiated by the central office to the 
signaling and media gateways (step S20) The signaling gateway 
initiates a secure signal channel between the central office and 
a telco application server that provides a callee authentication 
service (step S21) . The media gateway initiates a secure media 
channel between the central office and the telco application 
server (step S22) . Further, the central office may trigger a 
callee authentication service at other times during a call. 

The call may then be transferred to the telco application 
server, however the central office brokers the communication 
channels between the telco application server and origin and 
destination devices. In particular, the telco application server 
may allow a caller to listen to the callee identity 
authentication process or parts of the process. Alternatively, 
only a connection between the telco application server and the 
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destination device may be brokered, such that when the call is 
returned to the central office, the central office establishes 
the communication channel between the origin and destination 
devices . 

To provide service, the authorization service application of 
the telco application server provides a prompting instruction to 
the callee to provide specific identifying information (step 
S23) . For example, the authorization service application may 
play an audio prompt message asking the callee to APlease say 
your full name.e In addition, the prompt may request other 
identifying information such as a service provider and subject of 
the call, for example. The spoken identification information is 
then received at the central office from the destination device 
and transferred via the media gateway to the telco application 
server (step S24) . 

Analysis is performed on the spoken identification 
information to determine a name of a caller and extract speech 
characteristics information (step S25) . A voice template or 
other voice pattern information may be accessible to the telco 
application server from a local or remote database management 
system. Preferably, the authorization service application 
compares the extracted speech information to the stored pattern 
information, to identify and authenticate the particular callee. 
If there is a match between the extracted speech information and 
the stored pattern information, then a RVID signal containing the 
authenticated identity of the callee is distributed to the 
central office (step S26) , the call is returned to the central 
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office, and the RVID stored in the SCP. 

If there is not a match of the extracted speech information 
with the voice templates, then a determination is made as to 
whether a callee has made more than n tries to speak 
identification information that has not matched (step S27) . If 
the callee has not made more than n tries, then a prompt is 
output to the callee to provide another spoken utterance. If the 
callee has made more than n tries, then a denial message is 
output to the central office (step S28) and the call is returned 
thereto. In addition, instructions for creating a voice template 
may be provided. 

It should be noted that with each transfer of an RVID, the 
central office, signaling gateway, telco application server, and 
origin device may each record and filter the RVID. In 
particular, filtering the RVID may require blocking all or 
portions of the content of the RVID. 

It is important to note that while the present invention has 
been described in the context of a fully functioning data 
processing system, those of ordinary skill in the art will 
appreciate that the processes of the present invention are 
capable of being distributed in the form of a computer readable 
medium of instructions and a variety of forms and that the 
present invention applies equally regardless of the particular 
type of signal bearing media actually used to carry out the 
distribution. Examples of computer readable media include 
recordable-type media, such as a floppy disk, a hard disk drive. 
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a RAM, CD-ROMs, DVD-ROMs, and transmission-type media, such as 
digital and analog communications links, wired or wireless 
communications links using transmission forms, such as, for 
example, radio frequency and light wave transmissions. The 
computer readable media may take the form of coded formats that 
are decoded for actual use in a particular data processing 
system. 

While the invention has been particularly shown and 
described with reference to a preferred embodiment, it will be 
understood by those skilled in the art that various changes in 
form and detail may be made therein without departing from the 
spirit and scope of the invention. 



